Support for GDHCN via Android FHIR SDK #2768
Comments
|
These GDHCN keys are typically public keys used to verify digital signatures on health certificates. They correspond to private keys held by trusted certificate issuers (e.g., national health authorities). Storing private keys on device is probably discouraged and not clear to me also as its something that is owned by national health authorities. |
jingtang10
added
P1
|
Should it be renamed to support GDHCN in the SDK instead? I am not convinced the Engine module is the place for GDHCN since they are not FHIR models but W3C DIDs. |
fredhersch
changed the title
|
@vitorpamplona Has there been any further discussion with Carl about this work from your side? |
|
Not really. Just a basic evaluation after our discussion last year. There are basically three buckets to this work:
1 is basically data sync and management like the Engine does, but for DIDs. 2 will include a bunch of cryptographic libraries to the SDK since the DID spec allows the use any cryptographic scheme the user chooses. 3 will need some definitions on how to hash the IPS outside of the QR codes already defined for covid. Maybe this needs a new IG. But hopefully the hashing mechanism gets standardized and becomes part of the main Fhir spec. |
The Global Digital Health Certification Network by the WHO enables a number of use-cases that leverage FHIR IPS.
We want to enable developers to be able to use the Android FHIR SDK as the underlying SDK for different use-cases.
To do this, the SDK needs to be able to manage the GDHCN keys in a secure manner.
The text was updated successfully, but these errors were encountered: